STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must protect against or limit the effects of all types of Denial of Service (DoS) attacks by employing organization-defined security safeguards.

DISA Rule

SV-204815r508029_rule

Vulnerability Number

V-204815

Group Title

SRG-APP-000435

Rule Version

SRG-APP-000435-AS-000163

Severity

CAT II

CCI(s)

• CCI-002385 - The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Weight

10

Fix Recommendation

Configure the application server to protect against or limit the effects of all types of Denial of Service (DoS) attacks by employing defined security safeguards.

Check Contents

Review application server documentation and configuration to determine if the application server can protect against or limit the effects of all types of Denial of Service (DoS) attacks by employing defined security safeguards.

If the application server cannot be configured to protect against or limit the effects of all types of DoS, this is a finding.

Vulnerability Number

V-204815

Documentable

False

Rule Version

SRG-APP-000435-AS-000163

Severity Override Guidance

Review application server documentation and configuration to determine if the application server can protect against or limit the effects of all types of Denial of Service (DoS) attacks by employing defined security safeguards.

If the application server cannot be configured to protect against or limit the effects of all types of DoS, this is a finding.

Check Content Reference

M

Target Key

2900

Comments